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DETAILED ACTION 

1 . The following is a FINAL office action upon examination of application number 
10/729,814. Claims 1-15 are pending in the application and have been examined on the 
merits discussed below. 

Response to Amendment 

2. The amendment filed March 4, 2009 amended claims 1-7. 

3. The previous rejection of claims 1-5 raised under 35 USC 101 are withdrawn in 
view of the claim amendments in the response filed March 4, 2009. 

4. The previous rejection of claims 1 -1 5 raised under 35 USC 1 1 2, 1 st paragraph, is 
partially withdrawn in view of the Applicant's disclosure that the term "critical 
information" is in alignment with the definition used by the Department of Defense, 
which is within the level of one of ordinary skill in the art. 

Response to Arguments 

5. Applicant's arguments filed March 4, 2009 have been fully considered but they 
are not persuasive. 

Applicant argues that Patrick and Muehlen are non-patent literature reference 
and therefore are not assumed to be enabling. 



The Examiner respectfully disagrees. As perMPEP 2121.01, 
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"A reference contains an "enabling disclosure" if the public was in 
possession of the claimed invention before the date of the invention. "Such 
possession is effected if one of ordinary skill in the art could have combined the 
publication's description of the invention with his [or her] own knowledge to make 
the claimed invention." In re Donohue, 766 F.2d 531, 226 USPQ 619 (Fed. Cir. 
1985)." 



Further, as per MPEP 2121 .01 (II), 

"Even if a reference discloses an inoperative device, it is prior art for all 
that it teaches." Beckman Instruments v. LKB ProdukterAB, 892 F.2d 1547, 
1551, 13 USPQ2d 1301, 1304 (Fed. Cir. 1989). Therefore, "a non-enabling 
reference may qualify as prior art for the purpose of determining obviousness 
under 35 U.S.C. 103." Symbol Techs. Inc. v. Opticon Inc., 935 F.2d 1569, 1578, 
19USPQ2d 1241, 1247 (Fed. Cir. 1991). 



Thus, the Applicant's arguments are incorrect, and the Patrick and Muehlen 
references qualify as prior art for the purpose of determining obviousness and contain 
an "enabling disclosure" as defined by MPEP 2121.01. 



Applicant argues that the previous rejection failed to explain how the Chan- 
Patrick combination could select anything "for which the exposure measure is calculated 
to be a minimum. 



The Examiner respectfully disagrees. As cited in the previous rejection, Patrick 
assigns tasks to agents under the principle of least privilege, minimizing the number of 
privileges granted to each agent (i.e., minimizing exposure). Patrick teaches that it is 
possible to derive a feasible assignment of agents to tasks given a set of agents who 
are capable of performing given tasks, the assignment catering to many goals, such as 
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guaranteed completion of all tasks and minimizing SRF [page 77]. Patrick further 
teaches generating a plurality of assignments using an algorithm disclosed by Figure 
5.7 [pages 79-80] and teaches that to generate an optimal solution (using the algorithm 
disclosed by Patrick), an exhaustive search would search through many possible 
assignments [page 79]. Patrick also teaches that workflows are represented as a 
partially ordered sequence of tasks that is coordinated by a set of events (page 31 ); in 
other words, from all possible task assignments (i.e., workflow), a specific (i.e., target) 
workflow is selected to assign tasks and privileges to agents. Chan teaches the step of 
creating a plurality of workflows (i.e., a set of possible workflows). Both Chan and 
Patrick are directed towards workflow development, and the combination would not 
destroy either reference or render the combination inoperable, as Chan and Patrick are 
directed towards different aspects of workflow development. The combination of Chan 
and Patrick would yield a system that would construct a set of possible workflows and to 
select one of said workflows that minimizes the exposure cost, thereby meeting the 
claimed limitation of "selecting a target workflow from [a] constructed set of possible 
workflows for which the exposure cost measure is calculated to be a minimum". 

Applicant argues that any interpretation offered by the Communication must at 
least be consistent with the claims. Specifically, Applicant asserts that Muehlen 
describes the "cheapest/fastest/most effective resource that satisfies certain 
qualification criteria" whereas the claimed invention recites "selecting a target workflow 
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from the constructed set of possible workflows for which the exposure cost measure is 
calculated to be a minimum". 

In response to applicant's argument that Muehlne's cheapest/fastest/most 
effective analysis is inconsistent with the claimed invention that suggests that exposure 
measure should be reduced with possible increases in resource usage and reduced 
speed, the fact that applicant has recognized another advantage which would flow 
naturally from following the suggestion of the prior art cannot be the basis for 
patentability when the differences would otherwise be obvious. See Ex parte Obiaya, 
227 USPQ 58, 60 (Bd. Pat. App. & Inter. 1985). 

Further, in response to applicant's argument that the references fail to show 
certain features of applicant's invention, it is noted that the features upon which 
applicant relies (i.e., reducing exposure measure with possible increases in resource 
usage and reduced speed) are not recited in the rejected claim(s). Although the claims 
are interpreted in light of the specification, limitations from the specification are not read 
into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 
1993). 

Applicant argues that it is improper to offer an interpretation of the claims that is 
inconsistent with Applicants' claims and the teachings of the Specification. 
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The Examiner respectfully agrees and asserts that no improper interpretations of 
the claims have been made in the instant application. As per MPEP 2111, claims must 
be "given their broadest reasonable interpretation consistent with the specification". 
MPEP 2111 further states: 

"The court explained that "reading a claim in light of the specification, to 
thereby interpret limitations explicitly recited in the claim, is a quite different thing 
from 'reading limitations of the specification into a claim,' to thereby narrow the 
scope of the claim by implicitly adding disclosed limitations which have no 
express basis in the claim." The court found that applicant was advocating the 
latter, i.e., the impermissible importation of subject matter from the specification 
into the claim.). See also In re Morris, 127 F.3d 1048, 1054-55, 44 USPQ2d 
1023, 1027-28 (Fed. Cir. 1997) (The court held that the PTO is not required, in 
the course of prosecution, to interpret claims in applications in the same manner 
as a court would interpret claims in an infringement suit. Rather, the "PTO 
applies to verbiage of the proposed claims the broadest reasonable meaning of 
the words in their ordinary usage as they would be understood by one of ordinary 
skill in the art, taking into account whatever enlightenment by way of definitions 
or otherwise that may be afforded by the written description contained in 
applicant's specification."). 

The broadest reasonable interpretation of the claims must also be 
consistent with the interpretation that those skilled in the art would reach." 

Thus, the Examiner asserts that the broadest reasonable interpretation of the 
claims have been made in light of the specification. 



Official Notice 

6. Applicant has attempted to challenge the Examiner's taking of Official Notice in 
the Office Action mailed June 9, 2008. There are minimum requirements for a challenge 
to Official Notice: 
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(a) In general, a challenge, to be proper, must contain adequate information 
or arguments so that on its face it creates a reasonable doubt regarding the 
circumstances justifying the Official Notice 

(b) Applicants must seasonably traverse (challenge) the taking of Official 
Notice as soon as practicable, meaning the next response following an Office Action. If 
an applicant fails to seasonably traverse the Official Notice during examination, his right 
to challenge the Official Notice is waived. 

Applicant has not provided adequate information or arguments so that on its face 
it creates a reasonable doubt regarding the circumstances justifying the Official Notice. 
Therefore, the presentation of a reference to substantiate the Official Notice is not 
deemed necessary. The Examiner's taking of Official Notice has been maintained. 

Bald statements such as, "the Examiner has not provided proof that this element 
is well known" or "applicant disagrees with the Examiner's taking of Official Notice and 
hereby requests evidence in support thereof, are not adequate and do not shift the 
burden to the Examiner to provide evidence in support of the Official Notice. 

Regardless, the Examiner submits, as evidence, Michael zur Muehlen's 
"Workflow-based Process Controlling - Or: What You Can Measure You Can Control" 
(previously provided as reference 1-U in the Office Action mailed December 9, 2008) in 
support of the assertion that "using quantifiable methods to measure data describing the 
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state or performance of a system or process, such as length, duration, or amount of an 
event or output, or a combination of multiple descriptive measures, is old and well 
known in the art." Muehlen teaches that workflow monitoring can also be divided into 
technical and organizational monitoring and can be used for performance measurement 
(e.g., response time, system load, etc.), and organizational monitoring measures the 
organizational efficiency (e.g., idle times, workload analysis, etc.) [page 62]. Muehlen 
also discusses that process monitoring is useful to measure the value of the IT 
investment necessary to improve the processes, and that the effects related to a 
workflow management system can be distinguished in monetary and non-monetary 
effects, including reduced processing times (personnel cost), reduced transport times 
(personnel and resource cost), and reduced storage costs (for paper archives) [page 
65]. Muehlen also discusses uses information from the workflow audit trail and the 
timestamp of the activation, execution and completion or abortion of workflow activities 
to compute process cycle times, lay- and idle-times as well as activity processing times 
and their deviations [pages 66 and 70]. Muehlen also discusses measuring the quality 
in terms of describing the efficiency of a resource, or the total output, measuring the 
effectiveness of a resource, and states that the cost, time and quality indicators of 
resources can be used within the role-based staff resolution, and that in this way, an 
activity may request the cheapest/fastest/most effective resource that satisfies certain 
qualification criteria [page 72]. Thus, the Examiner asserts that Muehlen discloses a 
plurality of examples in support of the Official Notice that "using quantifiable methods to 
measure data describing the state or performance of a system or process, such as 
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length, duration, or amount of an event or output, or a combination of multiple 
descriptive measures, is old and well known in the art." 

Claim Rejections - 35 USC §112 

7. The following is a quotation of the first paragraph of 35 U.S. C. 112: 

The specification shall contain a written description of the invention, and of the manner and process of 
making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the 
art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 
set forth the best mode contemplated by the inventor of carrying out his invention. 

8. Claims 1 -1 5 are rejected under 35 U.S.C. 1 1 2, first paragraph, as based on a 
disclosure which is not enabling. Subject matter critical or essential to the practice of the 
invention, but not included in the claim(s) is not enabled by the disclosure. See In re 
Mayhew, 527 F.2d 1229, 188 USPQ 356 (CCPA 1976). 

The claimed invention recites in claims 1, 6, and 7 that the exposure cost 
measure is "based upon, in part details of critical information..." [emphasis added]. 
However, the specification merely mentions that "the exposure measure may be 
calculated based upon the amount of information that is exposed, or the duration for 
which that information is exposed, or a combination of both" [page 2, lines 27-29]. The 
specification does not discuss the possible consideration of factors other than the 
amount and/or duration of information exposure. The specification only contemplates 
the use of these measures. Thus, the use of other considerations other than the 
amount and duration of information exposure would not be enabled by the specification; 
therefore, one of ordinary skill in the art would not be enabled to make, practice or use 
the claimed invention without undue experimentation. 
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Furthermore, assuming that other considerations beyond the temporarily stored 
critical information were enabled, the specification does not specify how these additional 
considerations would be combined with said temporarily stored critical information in 
order to calculate an exposure cost. For example, would the calculation be based on an 
equal or weighted combination of factors? How would the considerations be combined 
to yield an exposure cost measure? The metes and bounds of the basis of the 
calculation of an exposure cost measure is therefore unclear because the specification 
does not provide adequate written disclosure to enable an artisan of ordinary skill in the 
art to make and/or use the invention as intended by the Applicant since the invention 
could be utilized differently by each human user in light of differences in subjectivity 
among humans. 

9. The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

10. Claims 1-15 are rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

The claimed invention recites in claims 1, 6, and 7 that the exposure cost 
measure is "based upon, in part details of critical information..." [emphasis added]. 
However, it is unclear how other considerations other than the amount and duration of 
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information exposure would be used in the calculation of an exposure cost measure. 
For example, would the calculation be based on an equal or weighted combination of 
factors? How would the considerations be combined to yield an exposure cost 
measure? The specification does not specify how other considerations affect the 
calculation of the exposure cost measure and is therefore indefinite. 

Claim Rejections - 35 USC § 103 

1 1 . The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

12. Claims 1 -1 5 are rejected under 35 U.S.C. 1 03(a) as being unpatentable over 
Chan et al. (US Patent #6,889,375) in view of Hung Chak Kuen Patrick's "Secure 
Workflow Model" (published April 2001 and previously provided as reference 1-V, 
hereinafter referred to as Patrick) and further in view of Michael zur Muehlen's 
"Workflow-based Process Controlling - Or: What You Can Measure You Can Control" 
(previously provided as reference 1-U, hereinafter referred to as Muehlen). 

As per claim 1 , Chan et al. teaches a machine-implemented method for selecting 
a workflow, said method comprising the steps of: 

(a) a computer constructing a set of possible workflows meeting a workflow 
specification having a predetermined input and a required output, using components 
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having defined inputs and outputs (A display 148 presents icons representing 
workflows 108 and workflow steps 109 in an editor window 150, enabling a user 
to easily create and edit workflows 108. Contracts 102a specify interactions 
between design-time container 110 and workflows 108 and workflow steps 109 
typically by describing service that design-time container is to provide to 
workflow steps 109. For example, a contract 102a specifies that design-time 
container 110 is to retrieve workflow steps 109 for workflow 108 by associating 
workflow 108 with the retrieval of workflow steps 109. Another contract 102a 
specifies that design-time container 110 is to retrieve input data from a user for 
workflow step 109 by associating workflow step 109 with the retrieval of input 

data Application server 128 includes a workflow repository 132, a workflow 

administrator 130, and run-time container 112. Workflow repository 132 stores 
workflows 108 and contracts 102c associated with the workflows. Contracts 102c 
specify interactions between workflows 108 and workflow steps 109. For 
example, a workflow step 109 is designed to retrieve a file and includes a file 
name variable. An instantiation of workflow 108, called a task, supplies the file 
name value to be used for the file name variable. A contract 102 specifies the file 
by associating the file name variable of workflow step 109 and the file name value 
of the task) [Column 3, lines 28-39, 45-55]; 



Although not explicitly taught by Chan et a\., Patrick teaches the steps of: 
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(b) a computer calculating a exposure measure for each of the possible 
workflows in the set of possible workflows (Security Risk Factor - the maximum 
number of tasks done by any one agent. Essentially, the SRF measure the level of 
risk associated with a set of agents executing a group of inter-dependent tasks; 
Security Risk Factor... is based on evenly distributing the tasks over a set of 
agents with the condition that all the agents are capable of executing all the tasks 
and all of them can access the documents with the different privileges needed by 
each task.... We introduce the concept of Security Risk Value and incorporate it 
into SRF. SRV is a value from 0 to 1.0 that indicates the level of risk. The higher 
the value, the higher is the risk) [pages 73, 79, 96]; and 

(c) a computer selecting a target workflow from the constructed set of 
possible workflows for which the exposure measure is calculated to be a minimum 
(When statically assigning tasks (and the associated privileges) to agents, the 
principle of least privilege dictates that each agent should be granted as few 
privileges as possible, under the constraint that all tasks can be done; for any 
given task, the set of agents who are capable of performing that task is given. 
From this information, it is possible to derive a feasible assignment of agents to 
tasks. This assignment can cater to many goals, such as guaranteed completion 
of all tasks, and minimizing SRF.... There are many possible assignments of 
agents to tasks. In particular, we want to make the assignment of agents to tasks 
in such a way that we minimize the SRF... the algorithm in Figure 5.7 
approximizes the minimization of SRF) {from the plurality of possible agent-task 
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assignments, the assignment that minimizes the SRF is "selected"} [Pages 73, 77- 
80]. 

Chan et al. is directed towards creating and developing workflows based on 
contracts that specify the relationship between workflows and workflow steps (i.e., 
workflow specification), whereas Patrick is directed towards considering access control 
security in providing the development of secure workflow. Thus, both Chan et al. and 
Patrick are deemed to be related towards different aspects of workflow development. 
Therefore, it would have been obvious to one of ordinary skill in the art at the time of 
invention to modify the teachings of Chan et al. to include the steps of calculating the 
exposure measure of each workflow and selecting the workflow with the smallest 
(minimum) exposure measure, as taught by Patrick, because doing so enhances the 
teachings of Chan et al. by integrating the concept of least privilege, granting only those 
privileges that are necessary to accomplish the task at hand, in order to provide the 
resultant high degree of security, facilitate hamper-free execution of workflows, and 
provide mechanisms to design systems that meet user's requirements for maintaining a 
high degree of security while getting workflows executed, as taught by Patrick [pages 
66-67]. 

The combined teachings of Chan et al. and Patrick do not explicitly teach an 
exposure cost measure being based upon, in part, details of critical information that is 
temporarily stored between processing steps within each of said possible workflows. 
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However, Muehlen teaches the step of measuring the cost of a workflow based 
on performance measurement (e.g., response time, system load, etc.) and 
organizational efficiency (e.g., idle times, workload analysis, etc.) [page 62], and 
measuring the value of processes, including reduced processing times (personnel cost) 
and reduced storage costs [page 65]. Muehlen also teaches using the timestamp of 
state-changes regarding processes and activities of a workflow to compute process 
cycle times, lay- and idle-times (i.e., unused or "temporarily stored" resources) as well 
as activity processing times and their deviations [pages 66 and 70]. Muehlen teaches 
that typical cost criteria would be the costs for the handling of an object [page 72]. 

Muehlen is directed towards providing measures to evaluate workflow-based 
processes, whereas Chan et al. is directed towards creating and developing workflows 
based on contracts that specify the relationship between workflows and workflow steps 
(i.e., workflow specification), and Patrick is directed towards considering access control 
security in providing the development of secure workflow. Thus, Chan et al., Patrick and 
Muehlen are deemed to be related towards different aspects of workflow development, 
and therefore, analogous. Therefore, it would have been obvious to one of ordinary skill 
in the art at the time of invention to modify the combined teachings of Chan et al. and 
Patrick to calculate the exposure cost of a workflow using the information that is 
temporarily stored between processing steps, because doing so would enable the 
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selection of the cheapest/fastest/most effective resource that satisfies certain 
qualification criteria, as taught by Muehlen [page 72]. 

As per claim 2, Chan et al. teaches the method as claimed in claim 1, further 
comprising the step of said computer storing a library of components from which 
possible workflows can be constructed (The display may include a palette of 
workflow steps 109 that may be selected to build or edit a workflow 108 by, for 
example, a drag-and-drop operation. Design-time container 110 retrieves 
workflow steps 109 from workflow library 111 and inserts them into workflow 108 
as a user designs workflow 108; Palette window 156 provides a list of the 
workflow steps 109 available for designing workflows 108. Workflow steps 109 
may be placed in folders to organize the steps 109) [Column 3, lines 21-27, Column 
6, lines 14-22]. 

As per claim 3, although not explicitly taught by Chan et al., Patrick teaches the 
method as claimed in claim 1 , further comprising the step of said computer defining said 
exposure cost measure to be representative of an amount of information that a 
constructed workflow exposes (We define Security Risk Factor to be the maximum 
number of tasks done by any one agent) [Page 73]. 

Chan et al. is directed towards creating and developing workflows based on 
contracts that specify the relationship between workflows and workflow steps (i.e., 
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workflow specification), whereas Patrick is directed towards considering access control 
security in providing the development of secure workflow. Thus, both Chan et al. and 
Patrick are deemed to be related towards different aspects of workflow development. 
Therefore, it would have been obvious to one of ordinary skill in the art at the time of 
invention to modify the teachings of Chan et al. to include the steps of calculating the 
exposure measure of each workflow and selecting the workflow with the smallest 
(minimum) exposure measure, as taught by Patrick, because doing so enhances the 
teachings of Chan et al. by integrating the concept of least privilege, granting only those 
privileges that are necessary to accomplish the task at hand, in order to provide the 
resultant high degree of security, facilitate hamper-free execution of workflows, and 
provide mechanisms to design systems that meet user's requirements for maintaining a 
high degree of security while getting workflows executed, as taught by Patrick [pages 
66-67]. 

As per claim 4, Chan et al. does not explicitly teach the method as claimed in 
claim 1 , further comprising the step of said computer defining said exposure cost 
measure to be representative of a duration for which a constructed workflow exposes 
information. 

Patrick discusses the concept of least privilege, where users are given access 
privileges only long enough to perform the task assigned to them (ideally, the agent 
would be allowed to write d only when he is actively engaged in task t. In the 
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workflow, the agent who is assigned to the task dynamically (i.e., at runtime) is 
granted the least privileges to the documents required for the execution of the 
task. Therefore, the agent can access those required documents during the 
execution of the task. These privileges are then revoked from the agent after it 
has finished performing the task) [Pages 81-82], and provides quantifiable measures 
regarding the exposure of a workflow (We define Security Risk Factor to be the 
maximum number of tasks done by any one agent) [Page 73], but does not explicitly 
teach the step of defining an exposure measure as representative of a duration for 
which a constructed workflow exposes information. 

However, Official Notice is taken that using quantifiable methods to measure 
data describing the state or performance of a system or process, such as length, 
duration, or amount of an event or output, is old and well known in the art. For example, 
Muehlen teaches the use of quantifiable measures to monitor workflow processes, 
including processing, transport, idle and cycle times (i.e., a duration of time for the 
process) [pages 65, 66, 70]. 

Muehlen is directed towards providing measures to evaluate workflow-based 
processes, whereas Chan et al. is directed towards creating and developing workflows 
based on contracts that specify the relationship between workflows and workflow steps 
(i.e., workflow specification), and Patrick is directed towards considering access control 
security in providing the development of secure workflow. Thus, Chan et al., Patrick and 
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Muehlen are deemed to be related towards different aspects of workflow development, 
and therefore, analogous. Therefore, it would have been obvious to one of ordinary skill 
in the art at the time of invention to modify the teachings of Chan et al. to define an 
exposure measure of each workflow as representative of a duration for which a 
workflow exposes information, because doing so enhances the teachings of the concept 
of least privilege, as taught by Patrick, by providing a quantifiable measure that allows a 
quantifiable comparison of exposure duration for benchmarking and establishing 
maximum thresholds as a basis for redesigning workflow to become more secure and 
abide by the principle of least privilege taught by Patrick, and further enables 
organizations to focus their risk management efforts strategically by quantifying and 
demonstrating improvement and enhanced security of workflows, and tracking 
performance over time, and further because doing so would enable the selection of the 
cheapest/fastest/most effective resource that satisfies certain qualification criteria, as 
taught by Muehlen [page 72]. 

Further, one of ordinary skill in the art would have recognized that applying the 
known technique of applying quantitative measures to the teachings of Chan et al. and 
Patrick would have yielded predictable results because the level of ordinary skill in the 
art demonstrated by the references applied shows the ability to incorporate quantitative 
measures describing the exposure "measure". Further, applying a quantitative measure 
to measure the length or duration of time information is exposed would have been 
recognized by those of ordinary skill in the art as resulting in an improved system that 
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would allow more quantifiable comparison of exposure duration for benchmarking and 
establishing of maximum thresholds as a basis for redesigning workflow to become 
more secure and abide by the principle of least privilege taught by Patrick, enabling 
organizations to focus their risk management efforts strategically by quantifying and 
demonstrating improvement and enhanced security of workflows, and tracking 
performance over time. 

As per claim 5, although not explicitly taught by Chan et al., Patrick teaches the 
method as claimed in claim 1 , further comprising the step of said computer defining said 
exposure cost measure to be representative of an amount of information that a 
constructed workflow exposes (We define Security Risk Factor to be the maximum 
number of tasks done by any one agent) [Page 73]. 

Chan et al. is directed towards creating and developing workflows based on 
contracts that specify the relationship between workflows and workflow steps (i.e., 
workflow specification), whereas Patrick is directed towards considering access control 
security in providing the development of secure workflow. Thus, both Chan et al. and 
Patrick are deemed to be related towards different aspects of workflow development. 
Therefore, it would have been obvious to one of ordinary skill in the art at the time of 
invention to modify the teachings of Chan et al. to include the steps of calculating the 
exposure measure of each workflow and selecting the workflow with the smallest 
(minimum) exposure measure, as taught by Patrick, because doing so enhances the 
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teachings of Chan et al. by integrating the concept of least privilege, granting only those 
privileges that are necessary to accomplish the task at hand, in order to provide the 
resultant high degree of security, facilitate hamper-free execution of workflows, and 
provide mechanisms to design systems that meet user's requirements for maintaining a 
high degree of security while getting workflows executed, as taught by Patrick [pages 
66-67]. 

Patrick discusses the concept of least privilege, where users are given access 
privileges only long enough to perform the task assigned to them (ideally, the agent 
would be allowed to write d only when he is actively engaged in task t. In the 
workflow, the agent who is assigned to the task dynamically (i.e., at runtime) is 
granted the least privileges to the documents required for the execution of the 
task. Therefore, the agent can access those required documents during the 
execution of the task. These privileges are then revoked from the agent after it 
has finished performing the task) [Pages 81-82], and provides quantifiable measures 
regarding the exposure of a workflow (We define Security Risk Factor to be the 
maximum number of tasks done by any one agent) [Page 73], but does not explicitly 
teach the step of defining an exposure measure as representative of a duration and 
amount for which information is exposed for a constructed workflow. 

However, Official Notice is taken that using quantifiable methods to measure 
data describing the state or performance of a system or process, such as length, 
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duration, or amount of an event or output, or a combination of multiple descriptive 
measures, is old and well known in the art. For example, Muehlen teaches the use of 
quantifiable measures to monitor workflow processes, including processing, transport, 
idle and cycle times (i.e., a duration of time for the process) [pages 65, 66, 70], and 
further teaches that workflow monitoring can comprise a combination of both technical 
and organizational monitoring, wherein technical monitoring is used for performance 
measurement (e.g., response time, system load, etc.) and organizational monitoring 
measures the organizational efficiency (e.g., idle times, workload analysis, etc.) [page 
62]. 

Muehlen is directed towards providing measures to evaluate workflow-based 
processes, whereas Chan et al. is directed towards creating and developing workflows 
based on contracts that specify the relationship between workflows and workflow steps 
(i.e., workflow specification), and Patrick is directed towards considering access control 
security in providing the development of secure workflow. Thus, Chan et al., Patrick and 
Muehlen are deemed to be related towards different aspects of workflow development, 
and therefore, analogous. Therefore, it would have been obvious to one of ordinary skill 
in the art at the time of invention to modify the teachings of Chan et al. to define an 
exposure measure of each workflow as representative of a duration for which a 
workflow exposes information, because doing so enhances the teachings of the concept 
of least privilege, as taught by Patrick, by providing a quantifiable measure that allows a 
quantifiable comparison of exposure duration for benchmarking and establishing 
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maximum thresholds as a basis for redesigning workflow to become more secure and 
abide by the principle of least privilege taught by Patrick, and further enables 
organizations to focus their risk management efforts strategically by quantifying and 
demonstrating improvement and enhanced security of workflows, and tracking 
performance over time, and further because doing so would enable the selection of the 
cheapest/fastest/most effective resource that satisfies certain qualification criteria, as 
taught by Muehlen [page 72]. 

Further, one of ordinary skill in the art would have recognized that applying the 
known technique of applying quantitative measures to the teachings of Chan et al. and 
Patrick would have yielded predictable results because the level of ordinary skill in the 
art demonstrated by the references applied shows the ability to incorporate quantitative 
measures describing the exposure "measure". Further, applying a quantitative measure 
to measure the length or duration of time information is exposed would have been 
recognized by those of ordinary skill in the art as resulting in an improved system that 
would allow more quantifiable comparison of exposure duration for benchmarking and 
establishing of maximum thresholds as a basis for redesigning workflow to become 
more secure and abide by the principle of least privilege taught by Patrick, enabling 
organizations to focus their risk management efforts strategically by quantifying and 
demonstrating improvement and enhanced security of workflows, and tracking 
performance over time. 
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Claim 6 recites limitations already addressed by the rejection of claim 1 above; 
therefore, the same rejection applies. 

Further, the teachings of Chan et al. are embodied as a computer-based system, 
evidenced by its use within a communications network (telecommunications device 
120 communicates with system 104 through a communications network 122 such 
as a local, wide, or global area network, a private branch exchange, a public 
switched telephone network, wired and/or wireless communication links, and/or 
any combination of the previously mentioned communication links) and use of 
software comprising instructions executable by a computer system, evidenced by the 
use of Java-based programming (Microsoft Windows Foundation Class or Java 
Foundation Class may be used by design-time container 110) and other computing- 
based structures (run-time container, design time container) [Column 2, lines 37-47, 
Column 3, lines 20-21 , claim 1]. 

Claim 7 recites limitations already addressed by the rejection of claim 1 above; 
therefore, the same rejection applies. 

Further, the teachings of Chan et al. are embodied within application 
development software embodied in a computer-readable medium [Claim 15]. 
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Claim 8 recites limitations already addressed by the rejection of claim 2 above; 
therefore, the same rejection applies. 

Claim 9 recites limitations already addressed by the rejection of claim 3 above; 
therefore, the same rejection applies. 

Claim 10 recites limitations already addressed by the rejection of claim 4 above; 
therefore, the same rejection applies. 

Claim 1 1 recites limitations already addressed by the rejection of claim 5 above; 
therefore, the same rejection applies. 

Claim 12 recites limitations already addressed by the rejection of claim 2 above; 
therefore, the same rejection applies. 

Claim 13 recites limitations already addressed by the rejection of claim 3 above; 
therefore, the same rejection applies. 

Claim 14 recites limitations already addressed by the rejection of claim 4 above; 
therefore, the same rejection applies. 
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Claim 15 recites limitations already addressed by the rejection of claim 5 above; 
therefore, the same rejection applies. 

Conclusion 

13. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

Emberton et al. (US Patent #6,349,320) teaches a computer executable workflow 
management and control system. An amount of unused entries in an ordered list is 
determined and compared to a predetermined threshold 

14. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to PETER CHOI whose telephone number is (571)272- 
6971 . The examiner can normally be reached on M-F 9-5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Beth Boswell can be reached on (571) 272-6737. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

June 2, 2009 
IP. C.I 

Examiner, Art Unit 3623 

/Jonathan G. Sterrett/ 

Primary Examiner, Art Unit 3623 



